From 85d11a696e456e7b60ee6026b8a166414458c8fc Mon Sep 17 00:00:00 2001 From: einhverfr Date: Tue, 11 Sep 2007 04:26:33 +0000 Subject: Full tree in place. Now to add permission grants git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1559 4979c152-3d1c-0410-bac9-87ea11338e46 --- sql/modules/Roles.sql | 383 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 383 insertions(+) create mode 100644 sql/modules/Roles.sql (limited to 'sql') diff --git a/sql/modules/Roles.sql b/sql/modules/Roles.sql new file mode 100644 index 00000000..7994a6e3 --- /dev/null +++ b/sql/modules/Roles.sql @@ -0,0 +1,383 @@ +-- Contacts + +CREATE ROLE lsmb___create_contact +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___edit_contact +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___read_contact +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___contact_all_rights +WITH INHERIT NOLOGIN +in role lsmb___create_contact, +lsmb___edit_contact, +lsmb___read_contact; + +-- Batches and VOuchers +CREATE ROLE lsmb___create_batch +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___create_list_batches +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___create_post_batches +WITH INHERIT NOLOGIN; + + +-- AR +CREATE ROLE lsmb___create_ar_transaction +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___create_ar_transaction_voucher +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact, +lsmb___create_batch; + +CREATE ROLE lsmb___create_ar_invoice +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___create_ar_invoice_voucher +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact, +lsmb___create_batch; + +CREATE ROLE lsmb___list_ar_transactions +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___ar_all_vouchers +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_ar_transaction_voucher, +lsmb___create_ar_invoice_voucher; + +CREATE ROLE lsmb___ar_all_transactions +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_ar_transaction, +lsmb___create_ar_invoice, +lsmb___list_ar_transactions; + +CREATE ROLE lsmb___create_sales_order +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___create_sales_quotation +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___list_sales_orders +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___list_sales_quotations +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___all_ar +WITH INHERIT NOLOGIN +IN ROLE lsmb___ar_all_vouchers, +lsmb___ar_all_transactions, +lsmb___create_sales_order, +lsmb___create_sales_quotation, +lsmb___list_sales_orders, +lsmb___list_sales_quotations; + +-- AP +CREATE ROLE lsmb___create_ap_transaction +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___create_ap_transaction_voucher +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact, +lsmb___create_batch; + +CREATE ROLE lsmb___create_ap_invoice +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___create_ap_invoice_voucher +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact, +lsmb___create_batch; + +CREATE ROLE lsmb___list_ap_transactions +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___ap_all_vouchers +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_ap_transaction_voucher, +lsmb___create_ap_invoice_voucher; + +CREATE ROLE lsmb___ap_all_transactions +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_ap_transaction, +lsmb___create_ap_invoice, +lsmb___list_ap_transactions; + +CREATE ROLE lsmb___create_purchase_order +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___create_purchase_rfq +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___list_purchase_orders +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___list_purchase_rfqs +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +CREATE ROLE lsmb___all_ap +WITH INHERIT NOLOGIN +IN ROLE lsmb___ap_all_vouchers, +lsmb___ap_all_transactions, +lsmb___create_purchase_order, +lsmb___create_purchase_rfq, +lsmb___list_purchase_orders, +lsmb___list_purchase_rfqs; + +-- POS +CREATE ROLE lsmb___create_pos_invoice +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_sales_invoice; + +CREATE ROLE lsmb___close_till +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___list_all_open +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___pos_cashier +WITH INHERIT NOLOGIN +lsmb___create_pos_invoice, +lsmb___close_till; + +CREATE ROLE lsmb___all_pos +WITH INHERIT NOLOGIN +IN ROLE lsmb___pos_cashier, +lsmb___list_all_open; + +-- CASH +CREATE ROLE lsmb___reconcile +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___approve_reconciliation +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___all_reconcile +WITH INHERIT NOLOGIN +IN ROLE lsmb___reconcile, +lsmb___approve_reconciliation; + +CREATE ROLE lsmb___process_payment +WITH INHERIT NOLOGIN +IN ROLE ar_list_transactions; + +CREATE ROLE lsmb___process_receipt +WITH INHERIT NOLOGIN +IN ROLE ap_list_transactions; + +CREATE ROLE lsmb___cash_all +WITH INHERIT NOLOGIN +IN ROLE lsmb___all_reconcile, +lsmb___process_payment, +lsmb___process_receipt; + +-- Inventory Control +CREATE ROLE lsmb___create_part +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___inventory_reports +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___stock_assembly +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___ship_inventory +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___receive_inventory +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___create_warehouse +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___all_inventory +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_part, +lsmb___inventory_reports, +lsmb___stock_assembly, +lsmb___ship_inventory, +lsmb___receive_inventory, +lsmb___create_warehouse; + +-- GL +CREATE ROLE lsmb___create_transaction +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___create_transaction_voucher +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___list_transactions +WITH INHERIT NOLOGIN +IN ROLE lsmb___list_ar_transactions, +lsmb___list_ap_transactions; + +CREATE ROLE lsmb___run_yearend +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___all_gl +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_transaction, +lsmb___create_transaction_voucher, +lsmb___run_yearend, +lsmb___list_transactions; + +-- PROJECTS +CREATE ROLE lsmb___create_project +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___add_project_timecard +WITH INHERIT NOLOGIN; + +-- ORDER GENERATION +CREATE ROLE lsmb___project_generate_orders +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___sales_to_purchase_orders +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___consolidate_purchase_orders +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___consolidate_sales_orders +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___manage_orders +WITH INHERIT NOLOGIN +IN ROLE lsmb___project_generate_orders, +lsmb___sales_to_purchase_orders, +lsmb___consolidate_purchase_orders, +lsmb___consolidate_sales_orders; + +-- FINANCIAL REPORTS +CREATE ROLE lsmb___run_financial_reports +WITH INHERIT NOLOGIN +IN ROLE lsmb___list_transactions; + +-- RECURRING TRANSACTIONS +-- TO ADD WHEN THIS IS REDESIGNED + +-- BATCH PRINTING +CREATE ROLE lsmb___list_print_jobs +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___print_jobs +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___all_batch_printing +WITH INHERIT NOLOGIN +IN ROLE lsmb___list_print_jobs, +lsmb___print_jobs; + +-- SYSTEM SETTINGS +CREATE ROLE lsmb___list_system_settings +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___change_system_settings +WITH INHERIT NOLOGIN +IN ROLE lsmb___list_system_settings; + +CREATE ROLE lsmb___set_taxes +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___create_account +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___edit_account +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___create_gifi +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___edit_gifi +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___all_accounts +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_account, +lsmb___set_taxes, +lsmb___edit_account, +lsmb___create_gifi; +lsmb___edit_gifi; + +CREATE ROLE lsmb___create_department +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___edit_department +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___all_department +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_department, +lsmb___edit_department; + +CREATE ROLE lsmb___create_business_type +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___edit_business_type +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___all_business_type +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_business_type, +lsmb___edit_business_type; + +CREATE ROLE lsmb___create_sic +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___edit_sic +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___all_sic +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_sic, +lsmb___edit_sic; + +CREATE ROLE lsmb___edit_template +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___manage_system +WITH INHERIT NOLOGIN +IN ROLE lsmb___change_system_settings, +lsmb___all_accounts, +lsmb___all_department, +lsmb___all_business_type, +lsmb___all_sic, +lsmb___edit_template; + +-- Manual Translation +CREATE ROLE lsmb___create_language +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___create_part_translation +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___create_project_translation +WITH INHERIT NOLOGIN; + +CREATE ROLE lsmb___all_manual_translation +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_language, +lsmb___create_part_translation, +lsmb___create_project_translation; + -- cgit v1.2.3